<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title>Reports</title>
<link rel="stylesheet" href="../../../../../doc/src/boostbook.css" type="text/css">
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="../index.html" title="Chapter&#160;1.&#160;Boost.Beast">
<link rel="up" href="../index.html" title="Chapter&#160;1.&#160;Boost.Beast">
<link rel="prev" href="introduction.html" title="Introduction">
<link rel="next" href="quick_start.html" title="Quick Start">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<table cellpadding="2" width="100%"><tr>
<td valign="top"><img alt="Boost C++ Libraries" width="277" height="86" src="../../../../../boost.png"></td>
<td align="center"><a href="../../../../../index.html">Home</a></td>
<td align="center"><a href="../../../../../libs/libraries.htm">Libraries</a></td>
<td align="center"><a href="http://www.boost.org/users/people.html">People</a></td>
<td align="center"><a href="http://www.boost.org/users/faq.html">FAQ</a></td>
<td align="center"><a href="../../../../../more/index.htm">More</a></td>
</tr></table>
<hr>
<div class="spirit-nav">
<a accesskey="p" href="introduction.html"><img src="../../../../../doc/src/images/prev.png" alt="Prev"></a><a accesskey="u" href="../index.html"><img src="../../../../../doc/src/images/up.png" alt="Up"></a><a accesskey="h" href="../index.html"><img src="../../../../../doc/src/images/home.png" alt="Home"></a><a accesskey="n" href="quick_start.html"><img src="../../../../../doc/src/images/next.png" alt="Next"></a>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="beast.reports"></a><a class="link" href="reports.html" title="Reports">Reports</a>
</h2></div></div></div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="beast.reports.security_review_bishop_fox"></a><a class="link" href="reports.html#beast.reports.security_review_bishop_fox" title="Security Review (Bishop Fox)">Security Review
      (Bishop Fox)</a>
</h3></div></div></div>
<p>
        Since 2005, <a href="https://www.bishopfox.com/" target="_top">Bishop Fox</a> has
        provided security consulting services to the Fortune 1000, high-tech startups,
        and financial institutions worldwide. Beast engaged Bishop Fox to assess
        the security of the Boost C++ Beast HTTP/S networking library. The following
        report details the findings identified during the course of the engagement,
        which started on September 11, 2017.
      </p>
<p>
        The assessment team conducted a hybrid application assessment of the Beast
        library. Bishop Fox&#8217;s hybrid application assessment methodology leverages
        the real-world attack techniques of application penetration testing in combination
        with targeted source code review to thoroughly identify application security
        vulnerabilities. These fullknowledge assessments begin with automated scans
        of the deployed application and source code. Next, analyses of the scan results
        are combined with manual review to thoroughly identify potential application
        security vulnerabilities. In addition, the team performs a review of the
        application architecture and business logic to locate any design-level issues.
        Finally, the team performs manual exploitation and review of these issues
        to validate the findings.
      </p>
<p>
        <a href="https://vinniefalco.github.io/BeastAssets/Beast%20-%20Hybrid%20Application%20Assessment%202017%20-%20Assessment%20Report%20-%2020171114.pdf" target="_top"><span class="bold"><strong>Beast - Hybrid Application Assessment 2017</strong></span></a>
      </p>
<div class="mediaobject"><embed src="https://www.youtube.com/embed/4TtyYbGDAj0?rel=0" align="middle" width="560" height="315"></embed></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="beast.reports.websocket_autobahn_testsuite"></a><a class="link" href="reports.html#beast.reports.websocket_autobahn_testsuite" title="WebSocket (Autobahn|Testsuite)">WebSocket
      (Autobahn|Testsuite)</a>
</h3></div></div></div>
<p>
        The <a href="https://github.com/crossbario/autobahn-testsuite" target="_top">Autobahn
        WebSockets Testsuite</a> provides a fully automated test suite to verify
        client and server implementations of The WebSocket Protocol for specification
        conformance and implementation robustness. The test suite will check an implementation
        by doing basic WebSocket conversations, extensive protocol compliance verification
        and performance and limits testing. Autobahn|Testsuite is used across the
        industry and contains over 500 test cases.
      </p>
<p>
        <a href="https://vinniefalco.github.io/BeastAssets/reports/autobahn/index.html" target="_top"><span class="bold"><strong>Autobahn|Testsuite WebSocket Results</strong></span></a>
      </p>
</div>
</div>
<table xmlns:rev="http://www.cs.rpi.edu/~gregod/boost/tools/doc/revision" width="100%"><tr>
<td align="left"></td>
<td align="right"><div class="copyright-footer">Copyright &#169; 2016, 2017 Vinnie Falco<p>
        Distributed under the Boost Software License, Version 1.0. (See accompanying
        file LICENSE_1_0.txt or copy at <a href="http://www.boost.org/LICENSE_1_0.txt" target="_top">http://www.boost.org/LICENSE_1_0.txt</a>)
      </p>
</div></td>
</tr></table>
<hr>
<div class="spirit-nav">
<a accesskey="p" href="introduction.html"><img src="../../../../../doc/src/images/prev.png" alt="Prev"></a><a accesskey="u" href="../index.html"><img src="../../../../../doc/src/images/up.png" alt="Up"></a><a accesskey="h" href="../index.html"><img src="../../../../../doc/src/images/home.png" alt="Home"></a><a accesskey="n" href="quick_start.html"><img src="../../../../../doc/src/images/next.png" alt="Next"></a>
</div>
</body>
</html>
